AMCHAM PHILIPPINES OSAC MEETING 17 MAY 2018 Resilience Everyday - - PowerPoint PPT Presentation

AMCHAM PHILIPPINES OSAC MEETING

17 MAY 2018

1

Resilience Everyday PSA Philippines Consultancy Inc

RESILIENCE & BUSINESS CONTINUITY (1970'S TO 2000'S)

• First, there was contingency planning and disaster recovery planning
• Then, came business continuity planning
• Paralleling this is: development of incident, emergency and crisis

management

• And disaster risk reduction (Sendai Framework 2015-2030)
• Scenarios included all forms both:

― Natural disasters (e.g. earthquakes and typhoons) versus man- made disasters (e.g. major accidents, terrorism and war) ― Technical disruption (e.g. IT failures) versus human disruption (e.g. pandemics)

RESILIENCE

Resilience is developed from an attitude; it is NOT a process Resilience is your business Resilience is shaped by organisational culture; it must be lived day-by-day Resilience requires committed leadership from top to bottom; and planning from bottom-to-top Resilience must be inculcated into every process Resilience is a characteristic, a quality, an outcome

4

Change and Strengthening Resiliency

Most of you know Pacific Strategies & Assessments (PSA). It was founded in November 1999 by Scott Harrison. Since then, the business has grown rapidly becoming the premier business risk consultancy, having our home, in Asia. This month after some stellar growth in our International Due Diligence practice we have decided to split the company into two entities. This is a decision to strengthen and make our business more resilient. Pacific Strategies and Assessments which will remain as the provider of our International Due Diligence, very much a BPO

• peration.

PSA Philippines Consultancy Inc will house the

• 1. Market Entry and Intelligence,
• 2. Security and Crisis Management, and
• 3. Corruption and Fraud Prevention Services.

Testing Your Resilience

 Resilience to what? – Typhoons, Earthquakes, Political upheaval, Pandemics, you name them.  What we see as daily tests of resilience Corruption and the judicial system Organized crime Cyber crime Assaults on your reputation

6

Challenges to a Company”s Resilience

6

7

Corruption and Organized crime

A much greater problem than many will recognize or accept Tolerated in some companies but invariably it becomes too big to ignore Can involve suppliers, vendors, politicians and staff When challenged brings huge existential risks

Organized Crime

The scope of the problem:

• The distributor
• The marketing team
• The finance team
• The procurement team
• Floor staff
• The security team
• The transport group

The presence of internal and external players Political leadership and protection

8

Medical Instrument Manufacturer

• A Manufacturing company has been in business in the Philippines for four

decades

• Our investigation began with a whistleblower email implicating two

employees engaged in procurement fraud.

• The investigation was later expanded to other illegal activities the company

was previously unaware of.

The Situation

PHASES OF INVESTIGATION

1 2 3 Computer forensics analysis was expanded to 17 hard drives based

• n the information

contained in the first HDD  Results of other components of the investigation – audits, interviews with key individuals, and pretext approaches  Raids and external inquiries with vendors, local parties and politicians

AREAS OF INVESTIGATION

Illegal Commissions Thefts Vendor Overcharges

Illegal commission from whistleblower email Specific illegal commission amounting to P600,000 ($14,300) Illegal commission from the company’s security provider Production materials Overcharges from the company’s manpower service provider Overcharges from the company’s supplier of chemicals and materials Theft of Products

• A comprehensive audit conducted by external auditors finds

massive cover ups and major losses in excess of 100 million

• f dollars.
• 31 employees dismissed
• The company closes one of its plants and retrenches 350

employees

The Outcomes as a Result of the Crimes

• A buyer proven to being paid illegal commissions amounting

to P2,600,000 pesos. The Senior Purchasing Director engaged in an illicit affair, which is being used by the buyer and others as leverage. (keep your mouth shut)

• The proven involvement of the Purchasing Manager and a

warehousemen in the continuous theft of production material

• Raids led by NBI, instigated by the company on two identified

vendors shown to be conspiring with staff members and implicated in the theft of products recover 10,500 pieces of finished products with a retail value of 100 million pesos

The Outcomes as a Result of the Crimes

• A buyer shown to be living beyond his means:
• 3 franchise businesses registered in 1 year
• Has three registered vehicles under his name in 1

year

• Lending businesses of two buyers with amounts not

commensurate with their salaries

• A finance team member making regular fund transfers

to a manager of a vendor company

• Non-accredited vendors being awarded bidding

contracts by the Purchasing Department

• The Security Manager’s trip to Singapore with a sales

staff member from a vendor company

The Outcomes as a Result of the Crimes

Scenario #1

15

• You run an US based BPO that had in the Philippines 1200 seats

providing transcription services using your own IP protected software.

• Over a three year period a number of your key clients have shifted

their accounts to another BPO operating out of one of the new wave

• cities. You have lost $150 mil in revenue and have had to retrench

625 staff.

• You are told the new company is owned and managed by

ex company executives

• This new company has recruited key individuals and is recruiting

from your retrenched staff What is going on? How do you identify the causes? Who are these new players? How do you stop it?

16

Cybercrimes

• Data Breaches
• Hacking
• Social engineering
• Phishing
• Malware
• Capture of Data
• Identity Theft – Patient Records
• Business Email Compromise
• Ransom ware
• Possession
• Extortion
• Transaction Fraud
• Transmission of child pornography
• Harassment using e-mails and cyber-stalking
• Computer vandalism
• Unauthorized Control

The posting and distribution of obscene material is one of the most prevalent and may be related to extortion or reputation attack a conduit for placing malware

16

17

DBIR STATISTICS 2017 CYBER ATTACKS

Scenario #2

18

19 19

Ransomware

20

Ransomware in the Philippines

Ransomware are software which will lock a user out of the computer and ask for money to regain access. Hackers who employ ransomware often ask for payments in cryptocurrency - bitcoin. In 2017 in one attack at least 28 companies here were infected by a worm, dubbed WannaCry, that locked up some 200,000 companies in more than 150 countries. In the wake of a massive global ransomware attack, the Bangko Sentral instructed banks and other financial institutions not to pay or communicate with cyber criminals The risk has lowered in 2018 but still remains a major threat to a companies ability to

• perate

21

Ransomware

Global cybersecurity insurance company Beazley looked at and reported on more than 2,600 data incidents in 2017, spanning several industries The report found that 24 percent of all ransomware attacks studied in 2017 were in the financial sector and 15% in healthcare Heritage Valley Health Systems, a health care network that runs two hospitals in Western Pennsylvania, confirmed that it was a victim of a ransomware attack that had spread around the globe as was shut down for several months as all their data was locked and inaccessible – No back up “Even after they pay the Bitcoin ransom, recovery can take weeks or months. The biggest threat is business interruption. A lot of smaller hospitals, certainly rural critical access care hospitals don’t operate at margins that allow them to deal with a lot of downtime. These incidents can literally put them out

• f business,” Martinez told

Prevention - Ransomware

Back up Back up Back up Education Access controls Least Privilege Whitelisting Create Strong Passwords Lock Your Computer Protect Your Computer Own Your Online Presence Report Suspicious Activity

22

WHAT IS REQUIRED IN ORDER TO BUILD RESILIENCE IN AN ORGANIZATION:

• resilience capability is strongest in an organization that anticipates and

understands emerging threats

• understands the threat impact;
• develop and maintain partnerships with critical stakeholders in their supply chain,

sector and community;

• responds and recovers from disruptions as a unified organization team;
• adapts to disruptions and reacts flexibly to incidents;
• ensures staff are willing and able to support the organization in times of adversity

(and is prepared and reciprocal in supporting them and their needs);

• articulates clear organizational objectives and intent;
• establishes a strong sense of purpose in response to and recovery from a

disruption;

• leads with clear direction; and
• enables devolved problem solving.

24

Summary

• Resilience is your business
• The threat to your future is

with you every day

• It is not a passing fad
• It doesn’t require and act of

god

Graeme Campbell

Executive Director PSA Philippines Consultancy Inc Telephone: 0920-958-6538

Scenario #3

You receive notification that your acceptance at the IMPSA/OSAC Conferenec in Washington was not confirmed. Your tickets are booked and you leave this Sunday. The deposit was sent via telegraphic transfer was not received.Records show two payments totaling $4750.00USD were made one month earlier to the organisers and the hotel. What could have happened ? How did this happen? What should you do who do you call? How do you prevent this possibility? What steps can you take to avoid this happening?

26